4 Networking in Azure

This chapter covers

Creating and using virtual network, subnets and network security groups
Using best practices for creating and managing virtual networks
Distributing traffic from an outside network to internal resources

Where compute is the brains of a cloud project, the networks that combine them are the arteries and blood lines. Just like computing, you need networking for anything you do with cloud computing on Azure. There is no choice. At times the network parts of your infrastructure will be abstracted away from you, but they are still there.

Now we are going to focus on the virtual networks in Azure that you can control, manage, and make jump through hoops made of IP address ranges. When managed effectively, virtual networks in Azure can secure against intruders, optimize data efficiency, help with traffic authorization, and form part of your applications internet footprint.

4.1 What is a virtual network?

When two resources on Azure need to communicate securely with each other, a resource needs to send and receive data with the public Internet, or a service has to communicate with an on-premises network, you have to use a virtual network. Just like cars need roads to drive on, cloud data from services need virtual networks to travel through. Azure virtual networks also embody the very foundations of cloud computing we discussed in chapter 1: reliability and scalability.

4.2 Subnets

4.2.1 Classless Inter-Domain Routing

4.2.2 Logical separation

4.2.3 Routing optimization

4.3 Network Security Groups

4.3.1 Creating rules

4.4 Connecting Networks

4.4.1 VNet peering

4.4.2 VPN Gateway

4.4.3 ExpressRoute

4.4.4 Which connection to use when?

4.5 Distributing network traffic with Load Balancer

4.5.1 Public IP address

4.5.2 Backend Pool and VM Scale Sets

4.5.3 Health probes

4.5.4 Load balancing rules

4.5.5 Putting it all together to create a Load Balancer

4.6 Summary